package com.xht.security.config.annotation.web.configurers;

import com.xht.constant.SecurityConstant;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;

/**
 * <h1>描述 ：表单登录 HttpSecurity 配置</h1>
 *
 * @author : 小糊涂
 * @version : 1.0
 **/
public class FormLoginConfigurer extends AbstractHttpConfigurer<FormLoginConfigurer, HttpSecurity> {

    @Override
    public void init(HttpSecurity http) throws Exception {
        http.formLogin(formLogin -> {
                    formLogin.loginPage(SecurityConstant.LOGIN_PAGE_URL);
                    formLogin.loginProcessingUrl(SecurityConstant.LOGIN_PROCESSING_URL);
                }).logout() // SSO登出成功处理
                .deleteCookies(SecurityConstant.JSESSIONID)
                .invalidateHttpSession(Boolean.TRUE)
                .and()
                .csrf()
                .disable();
    }
}
